Andreas Hartmann wrote:
Jörn Nettingsmeier wrote:
hi *!
while i'm preparing a patch to change usecase policies to
deny-by-default, it occured to me that we need to modularize default
usecase policies...
how hard will it be to implement the following:
* every module that contains usecases must also contain a
config/ac/usecase-policies.xml
-1
I have to agree here -1 on usecases setting their own policies.
I do like the idea of the policy check falling back to the parent
template if no policy exists for the usecase in the current pub.
--Doug
IMO the access control should be up to the publication. The module should
not decide if a usecase is protected - it doesn't even know in which
context (i.e. in which publication) it is used.
-- Andreas
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
